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DETAILED ACTION 

1. Claims 1-7, 10-17, and 20-30 are presented for examination. 

Response to Arguments 

2. Applicant's arguments with respect to claims 1 -7, 10-17, and 20-30 have been 
fully considered but are moot in view of the new ground(s) of rejection. 

Claim Rejections - 35 USC § 112 

3. The following is a quotation of the first paragraph of 35 U.S.C. 112: 

The specification shall contain a written description of the invention, and of the 
manner and process of making and using it, in such full, clear, concise, and exact 
terms as to enable any person skilled in the art to which it pertains, or with which 
it is most nearly connected, to make and use the same and shall set forth the best 
mode contemplated by the inventor of carrying out his invention. 

4. Claims 1, 5, 14 and all dependent claims to claims 1, 5, and 14 are rejected under 

35 U.S.C. 112, first paragraph, as failing to comply with the enablement requirement. 
The claim(s) contains subject matter which was not described in the specification in such 
a way as to enable one skilled in the art to which it pertains, or with which it is most 
nearly connected, to make and/or use the invention. Applicant on claim 1 lines 15-lines 
17 claims "wherein access control is not performed if the ID transmitted from the 
internal user is "Anonymous," such that the internal user is permitted to a service 
located in the external network without access control to connect to a server located in 
the external network without access control, and on lines 21-24 of the same claim 
"... if the user ID is "Anonymous," interrupting the transmission of the received 
service command to the external network; and if the user ID is a registered ID other 
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than "Anonymous," transmitting the received service command to the external 
network and transmitting the data received from the internal user to the external 
network,..." 

Applicant is claiming two conflicting ideas of limitations. It is not clear what 
applicant is trying to claim. It is either there must be different types of request that 
applicant is trying to claim or a different kind of access control method, or a different 
invention that is not clearly disclosed in the Applicant's disclosure. If the invention is 
based on different kinds of request (in light of the specification), then applicant is 
required to clearly disclose the types of requests in the claims. For example, request 
comprising connection request to external network and data transmission request to 
external network, 

if the request is connection request to the external network and user is 
"Anonymous" then performing no (no second/no further) access control but/and allowing 
a connection (just physical connection) to the external network, and 

if the request is a data transfer request and user is "Anonymous" then performing 
an access control authentication on the user based on user ID and allowing or denying 
requested file transmission services based on authentication result. ... 

Applicant discloses, in the specification par. 38, "if the client of the internal 
network tries to connect to the FTP proxy to request FTP service from the FTP server 
17/external network...", par. 40 "... if the user ID is "Anonymous," the FTP proxy is 
permitted to connect to the FTP server without any particular access control operation. 
Thus physical connection between the client and FTP server of the external network is 
established. . ." and on par. 46 ". . .if the received command is for transmitting files to the 
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external network, the FTP proxy determines whether the user ID is "Anonymous" the 
FTP proxy prevents the command from being transmitted to the FTP server 17. If the user 
ID is "Anonymous" in the internal network, connection is permitted without any access 
control operation. . . . "the user who uses "Anonymous" is permitted to use only 
commands other than the commands for file transmission to an external network". 
Examiner rejects the claims based on the highlighted idea above, i.e. request comprising 
connecting and transmitting file/data to external network, if the request is for just 
connection, no need to perform access control, if request is to transmit file/data 
performing access control. Claims 5, are 14 are also rejected based on the same rational 
as claim 1 . It is not clear what the applicant is intended to say. Appropriate correction is 
required in response to this Office Action to avoid abandonment. 

5. The following is a quotation of the second paragraph of 35 U.S.C. 1 12: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

9. Claims 5, and 14 and all dependent claims dependent to 5 and 14 are rejected 

under 35 U.S.C. 1 12, second paragraph, as being indefinite for failing to particularly 

point out and distinctly claim the subject matter which applicant regards as the invention. 

As to claims 5 the phrases "the server" on line 14 lack antecedent basis. 

As to claims 14 the phrases "the server" on line 14 lack antecedent basis. It needs 
to be external server/external network. 



Claim Rejections - 35 USC § 103 
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6. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

7. Claims 1-7, 10-17, and 20-30 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over Stockwell et al. USPN 5,950,195 in view of Williams USPN 6,304,973 
Bl. 

Regarding claims 1, 14, and 23, Stockwell et al. teaches a protective device for 
internal resource protection in a network (fig. 4), comprising: 

a firewall (fig. 1 element 14, and 18: TCP, Ethernet) between an internal 
network (fig. 1 element 26) and an external network (fig. 1 element 22), to selectively 
perform a disconnection function for an access request to the external network from 
the internal network (col. 4 lines 28-42 and fig. 4 element 110; terminator 
firewall); 

a FTP proxy (fig. 2 element 50; FTP proxy) to perform an authentication function 
for an access request from the internal network to the external network (col. 4 lines 
43-55, col. 5 lines 17-35; FTP proxy with ACL for service and/or connection 
requests to/from the network); 

wherein the FTP proxy determines whether or not an ID transmitted from 
an internal user of the internal network is a registered ID (col. 7 lines 45-col. 8 
lines 29; FTP proxy determining user accesses based on predefined internal users 
ID), 
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wherein access control is not performed if the ID transmitted from the 

internal user is "Anonymous, such that the internal user is permitted to connect to a 
server located in the external network without access control (col. 12 lines 23-44; 
allowing anonymous FTP), 

wherein transmitting the data comprises: 

checking an ID of the internal user if the received service command is a 

command requesting data transmission (col. 9 lines 16-29); 

it 

if the user ID is Anonymous," interrupting the transmission of the received 
service command to the external network (col. 9 lines 26-31 and fig. 4 elements 1 12, 1 14, 
and 110); and 

if the user ID is a registered ID other than "Anonymous," transmitting 
the received service command to the external network and transmitting the data 
received from the internal user to the external network (col. 9 lines 34-39 and fig. 4 
elements 112, 114, and 104), 

wherein the file system stores data according to a type of the data (col. 5 
lines 53-60), and 

wherein the type of data is at least one of ASCII, EBCDIC, and 
Image (col. 5 lines 53-col. 6 lines 59). 

Stockwell et al. fails to explicitly disclose: 

to record log information related to the transmission of data by an 
authenticated user; and 
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a database to store log information related to the transmission of data 
according to the control of the FTP proxy. 

However Williams discloses a system of firewall security to provide 
internal resource protection from internal user instead of the well known firewall 
protection of internal resource from external users (col. 3 lines 5-15) in using 
multi-level security network and security level col. 5 lines 3-67): 

to record log information related to the transmission of data by an 
authenticated user (col. 18 lines 20-58); 

a database to store log information related to the transmission of data 
according to the control of the FTP proxy (col. 18 lines 20-58). 

Therefore it would have been obvious to one having ordinary skill in the art 
at the time of the invention was made to employ the teachings of Williams within 
the system of Stockwell et al. because they are analogous in network security. One 
would have been motivated to incorporate the idea of Williams because it would 
allow the network administrator to control every user activities performed in the 
network by using the well-known teachings of logging activity information. 

Williams discloses a database to record log information on the FTP proxy as 
disclosed above. Williams does not explicitly disclose storing the transmitted data 
however it is obvious to include a file system to store data transmitted from the 
internal network to the external network, at the time of invention, according to the 
control of the FTP proxy because it would provide identification of data 
transmitted for security. 
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Regarding claim 5, it has similar limitations as claim 1 above. And it has been 
rejected based on the same rational as claim 1. And Williams teaches the additional 
limitations of claim 5 wherein 

if the received service command is a command designating a type of data, storing 
the designated type of data in a file system (col. 8 lines 22-67). 

Regarding claim 2, Williams discloses the device of claim 1, further comprising a 
proxy monitor configured to display the log information outputted from the FTP 
proxy (col. 18 lines 11-58). 

Regarding claim 3, Stockwell et al. further discloses the device of claim 1, wherein 
a client connects to a FTP server of the external network through the FTP proxy 
(col. 4 lines 21-55). 

Regarding claims 4 and 13, Williams teaches the device of claim 1, wherein the log 
information comprises a file name and absolute path of the file data to be stored in the 
FTP server, and a file name and absolute path of the file data logged on the FTP proxy 
(col. 17 lines 66-col. 18 lines 58). 

Regarding claim 6, Stockwell et al. teaches the method of claim 5, wherein 
determining whether the access request is permitted further comprises: 

controlling access by determining whether a host that has transmitted the 

access request is a registered host or not, if the ID of the internal user is a registered ID (col. 

9 lines 10-57). 
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Regarding claims 7, 15, and 27, Stockwell et al. teaches the method of claim 6, wherein 
controlling the access comprises: 

determining whether the ID transmitted from the internal user is a 
registered ID (col. 9 lines 10-57); 

if the ID is registered, reading host information corresponding to the 
registered ID from the database (col. 9 lines 34-39); 

determining whether the host information read from the database and the 
host who has transmitted the access request are identical (col. 9 lines 10-57); and 

permitting access to the external network if the two hosts arc identical 
(fig. 4 element 104). 

Regarding claims 10, 16, and 28, the combination teach the method of claim 5 recording 
the transmission and reception of services comprises: 

receiving file data to be transmitted from the internal user to the external network 

(Fig. 2 element 50, and Stockwell et al. col. 8 lines 39-col. 9 lines 40); 

identifying the file data according to its data type to store the file data in the file 
system (Stockwell et al. col. 8 lines 39-col. 9 lines 40 and Fig. 2 element 50); and 

recording log information on the transmission of file data in a database (Williams 
col. 18 lines 11-67). 
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Regarding claim 1 1, Williams teaches the method of claim 10, wherein the filed data can 
be identified by the user as a designated data type or can be identified as a default data 
type (col. 10 lines 56-65). 

Regarding claim 12, Williams teaches the method of claim 10 wherein the log 
information is recorded in the database when all data to be transmitted from the internal 
user to the external network is transmitted (col. 18 lines 1 1-27). 

Regarding claims 17 and 29, Williams teaches the method of claim 16, wherein the log 
information comprises a user ID for performing file data transmission, a source IP 
address of the client being used by the internal user, a destination IP address of the 
FTP server that receives the file data, a date and time of file data transmission, a file 
name and absolute path of the file data to be stored in the FIT server, and a file name 
and absolute path of the file data logged on the FTP proxy (col. 18 lines 1 1-59). 

Regarding claim 20, Stockwell et al. teaches the device of claim 1, further comprising 
a client, coupled to the firewall and to the FTP proxy, to request FTP service from 
the external network if the FTP proxy successfully authenticates the client (col. 4 
lines 23-55 and col. 5 lines 7-47 and fig. 2; performing access control check on the 
user connected to firewall and FTP proxy). 
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Regarding claims 21, 22, and 30, Williams teaches the method of claim 10, further 
comprising outputting the log information in a form recognizable to a system 
operator (col. 18 lines 20-28; log file). 

Regarding claim 24, Stockwell et al. and Williams disclose all the subject matter as 
described above. Williams further discloses the method of claim 23, wherein storing 
the copy comprises storing the copy of the transmitted data (see claim 1 above) and 
the log information in the database of a file system (col. 18 lines 20-28; log file). 

Regarding claim 25, Stockwell et al. teaches the method of claim 24, wherein the file 
system stores data based on a type of the data (col. 5 lines 53-col. 6 lines 59; FTP 
proxy storing files to be transmitted.). 

Regarding claim 26, Stockwell et al. teaches the method of claim 25, wherein the type 
of data comprises one of the group of ASCII, EBCDC and Image (col. 5 lines 53-col. 
6 lines 59). 

Conclusion 

8. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. BorderWare Firewall Server 5.0, and BorderWare Firewall 
Version 5.0, disclose the well known FTP proxy authentication for accesses requested 
from the internal user to external user and Log file. 
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9. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Eleni A. Shiferaw whose telephone number is 571-272- 
3867. The examiner can normally be reached on Mon-Fri 8:00am-5:00pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz R. Sheikh can be reached on 571-272-3795. The fax phone number for 
the organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. Status 
information for unpublished applications is available through Private PAIR only. For 
more information about the PAIR system, see http://pair-direct.uspto.gov. Should you 
have questions on access to the Private PAIR system, contact the Electronic Business 
Center (EBC) at 866-217-9197 (toll-free). 
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